Answer all questions in your own words. Do not copy any text from the notes, readings, or other sources. The assignment must be your own work only.
Question 1
Who could stand to gain from undermining your ML model? Briefly explain the model you have in mind – including the task it is intended to perform and how it should function once deployed in a real-world context – and discuss how potential adversaries might benefit from subverting it.
(Max. 250 words)
Question 2
Simple oversights can arguably be as damaging as adversarial attacks. In this unit, you learned two key lessons about robustness: anticipating distribution shift and accepting that there is a trade-off between performance and robustness. Explore the implications of these lessons for your ML model by outlining how well the data and the performance measure you intend to use represent reality, why it is necessary to be aware of their limitations, and what you consider to be the non-negotiables (i.e., priors) for robust performance, including their potential impact on accuracy.
(Max. 250 words)
Question 3
Although robustness is never entirely guaranteed, the way a model is formulated and the algorithms chosen can confer robustness. Discuss the steps your organization could take to minimize vulnerabilities and ensure acceptable performance for your ML model, and what you intend to achieve in the process.
(Max. 250 words)